From 5d570a017a395ad735645fe7b6283e776f445e9f Mon Sep 17 00:00:00 2001 From: Vismay Golwala Date: Thu, 28 Mar 2019 13:02:05 -0400 Subject: [PATCH] Validate virtual environment while running a job/inventory update Currently we only check the custom virtual environment path when it's created. However, to tackle with the case when the venv might have been changed/deleted afterward, we need to validate it at run-time too. Signed-off-by: Vismay Golwala --- awx-dev | Bin 0 -> 3072 bytes awx/main/tasks.py | 22 +++++++++++++++++----- awx/main/tests/unit/test_tasks.py | 4 ++-- 3 files changed, 19 insertions(+), 7 deletions(-) create mode 100644 awx-dev diff --git a/awx-dev b/awx-dev new file mode 100644 index 0000000000000000000000000000000000000000..919f2e5f580e255249506160e532d798db468f9d GIT binary patch literal 3072 zcmeHIy>7xV5VjN4PMuj#R)<7@kXo@ftumm70BIO9A(yzRtNeiDc5fe%N9dFEf&>zv zsuLB1PdZ!YyYGDZ&L=-j1E~ePRI1<_Zb^$!O6~v%Ar#d{-AZG(wg&Ev{g+VE`*yD| z%CgqPzQ)CfVc?_;OstD`r$ZCXpL0>Ka(v$NTCCnhxi~cKhsgJ0A7bx5@ZliVDS08f zh;%;_dfD#x=@;MROy78!Rr5k-ifdVw_0fT~mzN#+88}R)3}mTACKQC@7{XZ)z$6-u zyeNT3KLKwRkB1><8u?+|1;&?41|M84Ub%8^1_O5oLuXU#?_PxFQs9Lt*Fwue?4X<3 g+?(o?_QoVP3>XH^iGk*CHuHZ@9Wk{S2L6wMA8dYWCIA2c literal 0 HcmV?d00001 diff --git a/awx/main/tasks.py b/awx/main/tasks.py index e775cf17b9..b49b421db9 100644 --- a/awx/main/tasks.py +++ b/awx/main/tasks.py @@ -65,7 +65,7 @@ from awx.main.utils import (get_ssh_version, update_scm_url, ignore_inventory_computed_fields, ignore_inventory_group_removal, extract_ansible_vars, schedule_task_manager, get_awx_version) -from awx.main.utils.common import _get_ansible_version +from awx.main.utils.common import _get_ansible_version, get_custom_venv_choices from awx.main.utils.safe_yaml import safe_dump, sanitize_jinja from awx.main.utils.reload import stop_local_services from awx.main.utils.pglock import advisory_lock @@ -93,6 +93,12 @@ Try upgrading OpenSSH or providing your private key in an different format. \ logger = logging.getLogger('awx.main.tasks') +class InvalidVirtualenvError(Exception): + + def __init__(self, message): + self.message = message + + def dispatch_startup(): startup_logger = logging.getLogger('awx.main.tasks') startup_logger.info("Syncing Schedules") @@ -892,10 +898,13 @@ class BaseTask(object): env['PATH'] = os.path.join(venv_path, "bin") + ":" + env['PATH'] venv_libdir = os.path.join(venv_path, "lib") - if not isolated and not os.path.exists(venv_libdir): - raise RuntimeError( - 'a valid Python virtualenv does not exist at {}'.format(venv_path) - ) + if not isolated and ( + not os.path.exists(venv_libdir) or + os.path.join(venv_path, '') not in get_custom_venv_choices() + ): + raise InvalidVirtualenvError(_( + 'Invalid virtual environment selected: {}'.format(venv_path) + )) isolated_manager.set_pythonpath(venv_libdir, env) @@ -1252,6 +1261,9 @@ class BaseTask(object): status = 'failed' extra_update_fields['job_explanation'] = self.instance.job_explanation + except InvalidVirtualenvError as e: + extra_update_fields['job_explanation'] = e.message + logger.error('{} {}'.format(self.instance.log_format, e.message)) except Exception: # this could catch programming or file system errors extra_update_fields['result_traceback'] = traceback.format_exc() diff --git a/awx/main/tests/unit/test_tasks.py b/awx/main/tests/unit/test_tasks.py index bae1e12453..649fb18b01 100644 --- a/awx/main/tests/unit/test_tasks.py +++ b/awx/main/tests/unit/test_tasks.py @@ -525,10 +525,10 @@ class TestGenericRun(): job.project.custom_virtualenv = '/venv/missing' task = tasks.RunJob() - with pytest.raises(RuntimeError) as e: + with pytest.raises(tasks.InvalidVirtualenvError) as e: task.build_env(job, private_data_dir) - assert 'a valid Python virtualenv does not exist at /venv/missing' == str(e.value) + assert 'Invalid virtual environment selected: /venv/missing' == str(e.value) class TestAdhocRun(TestJobExecution):